CVE-2023-3899

Summary

CVE	CVE-2023-3899
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-08-23 11:15:00 UTC
Updated	2023-11-09 20:11:00 UTC
Description	A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root.

Risk And Classification

Problem Types: CWE-863

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Fedoraproject	Fedora	37	All	All	All
Operating System	Fedoraproject	Fedora	38	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux	9.0	All	All	All
Operating System	Redhat	Enterprise Linux Desktop	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Eus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Eus	8.8	All	All	All
Operating System	Redhat	Enterprise Linux Eus	9.0	All	All	All
Operating System	Redhat	Enterprise Linux Eus	9.2	All	All	All
Operating System	Redhat	Enterprise Linux For Arm 64	8.0	All	All	All
Operating System	Redhat	Enterprise Linux For Arm 64	9.0	All	All	All
Operating System	Redhat	Enterprise Linux For Arm 64	9.2	All	All	All
Operating System	Redhat	Enterprise Linux For Arm 64 Eus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux For Arm 64 Eus	8.8	All	All	All
Operating System	Redhat	Enterprise Linux For Arm 64 Eus	9.0	All	All	All
Operating System	Redhat	Enterprise Linux For Arm 64 Eus	9.2	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems	7.0	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems	8.0	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems	9.0	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems	9.2	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems Eus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems Eus	8.8	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems Eus	9.0	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems Eus	9.2	All	All	All
Operating System	Redhat	Enterprise Linux For Power Big Endian	7.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian	7.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian	8.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian	9.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian Eus	8.8	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian Eus	9.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian Eus	9.2	All	All	All
Operating System	Redhat	Enterprise Linux For Scientific Computing	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Server	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Server Aus	8.2	All	All	All
Operating System	Redhat	Enterprise Linux Server Aus	8.4	All	All	All
Operating System	Redhat	Enterprise Linux Server Aus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Server Aus	9.2	All	All	All
Operating System	Redhat	Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	8.1	All	All	All
Operating System	Redhat	Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	8.2	All	All	All
Operating System	Redhat	Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	8.4	All	All	All
Operating System	Redhat	Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	8.8	All	All	All
Operating System	Redhat	Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	9.0	All	All	All
Operating System	Redhat	Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	9.2	All	All	All
Operating System	Redhat	Enterprise Linux Server Tus	8.2	All	All	All
Operating System	Redhat	Enterprise Linux Server Tus	8.4	All	All	All
Operating System	Redhat	Enterprise Linux Server Tus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Server Tus	8.8	All	All	All
Operating System	Redhat	Enterprise Linux Server Update Services For Sap Solutions	9.0	All	All	All
Operating System	Redhat	Enterprise Linux Server Update Services For Sap Solutions	9.2	All	All	All
Application	Redhat	Enterprise Linux Update Services For Sap Solutions	8.1	All	All	All
Application	Redhat	Enterprise Linux Update Services For Sap Solutions	8.2	All	All	All
Application	Redhat	Enterprise Linux Update Services For Sap Solutions	8.4	All	All	All
Application	Redhat	Enterprise Linux Update Services For Sap Solutions	8.6	All	All	All
Application	Redhat	Enterprise Linux Update Services For Sap Solutions	8.8	All	All	All
Operating System	Redhat	Enterprise Linux Update Services For Sap Solutions	8.1	All	All	All
Operating System	Redhat	Enterprise Linux Update Services For Sap Solutions	8.2	All	All	All
Operating System	Redhat	Enterprise Linux Update Services For Sap Solutions	8.4	All	All	All
Operating System	Redhat	Enterprise Linux Update Services For Sap Solutions	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Update Services For Sap Solutions	8.8	All	All	All
Operating System	Redhat	Enterprise Linux Workstation	7.0	All	All	All
Application	Redhat	Subscription-manager	All	All	All	All

References

Reference	Source	Link	Tags
Red Hat	MISC	access.redhat.com
[SECURITY] Fedora 37 Update: subscription-manager-1.29.37-1.fc37 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
2225407 – (CVE-2023-3899) CVE-2023-3899 subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration	MISC	bugzilla.redhat.com
cve-details	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
[SECURITY] Fedora 38 Update: subscription-manager-1.29.37-1.fc38 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

241955 Red Hat Update for subscription-manager (RHSA-2023:4702)
241956 Red Hat Update for subscription-manager (RHSA-2023:4704)
241958 Red Hat Update for subscription-manager (RHSA-2023:4703)
241959 Red Hat Update for subscription-manager (RHSA-2023:4705)
241961 Red Hat Update for subscription-manager (RHSA-2023:4701)
241962 Red Hat Update for subscription-manager (RHSA-2023:4708)
241963 Red Hat Update for subscription-manager (RHSA-2023:4706)
241964 Red Hat Update for subscription-manager (RHSA-2023:4707)
257252 Centos Security Update for subscription-manager
378886 Alibaba Cloud Linux Security Update for subscription-manager (ALINUX2-SA-2023:0037)
379090 IBM QRadar SIEM Multiple Security Vulnerabilities (7070736)
673810 EulerOS Security Update for subscription-manager (EulerOS-SA-2024-1302)